1. Field of the Invention
The present invention generally relates to an access control apparatus, an access control method, an access control program, a recording medium, access control data, and relation description data, and specifically relates to an access control apparatus, an access control method, an access control program, a recording medium, access control data, and relation description data for controlling access to a predetermined resource.
2. Description of the Related Art
With the advancement in computer technology, it has become common to save and manage various information items as electronic documents. Electronic documents are, however, vulnerable in terms of security. For example, the electronic documents can be easily copied compared to paper documents. In view of that, techniques to ensure security of the electronic documents have been proposed.
One example is XACML (eXtensible Access Control Markup Language) 2.0, a format for describing access control policies that has been proposed as an industry standard by OASIS (Organization for the Advancement of Structured Information Standards) (see, for example, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml). XACML can describe access control policies that define which type of access is permitted to which document and which obligation is imposed upon permitting access. However, XACML is merely a description format for access control policies, and methods for ensuring security using XACML are not specified.
DRM (Digital Rights Management) technology is designed to prevent copying of electronic documents and may be used when, for example, distributing confidential document files. This technology is embodied in various forms. Among those, there is a method that encrypts a document to be distributed and allows only authenticated users to have a decryption key, thereby preventing unauthorized disclosure of information in distributed confidential documents.
In addition to the above described technologies, various other security technologies have been proposed (e.g. Japanese Patent No. 3546787). This indicates a high concern for security of electronic documents.
However, in actual use in organizations such as companies, a system that determines whether access to documents is permitted based on access control information defined for each combination of documents and users or groups, i.e., based on definitions such as “who is permitted to read which document”, might be inconvenient.
For example, a person b1 in a department B receives a confidential document from a department A and needs to show that document to his/her boss b2 or his/her colleague b3 for consultation or for giving a presentation. If read rights for the boss b2 and the colleague b3 are not attached to the confidential document received from the department A, the person b1 needs to request the department A to attach read rights for the boss b2 and the colleague b3 to the document. Then the department A sends the confidential document again with the read rights for the boss b2 and the colleague b3.
Such a process is very troublesome for both the department A and the person b1, and is unacceptable as an operating cost for ensuring security. However, allowing the person b1 to freely give read rights to unrelated people might lead to unauthorized distribution of the document.
The department A needs to prevent such unauthorized distribution of the confidential document by the person b1, but it is difficult for the department A to know in advance who the boss of the person b1 is. It is also difficult for the department A to know which colleague usually works with the person b1. Therefore, the department A cannot decide in advance to whom to give read rights.